GhostPoster attacks hide malicious JavaScript in Firefox addon logos

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions counting more ...

North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence mechanisms and leverages Ethereum smart contracts for communication with the ...
FinanceFeeds

Hackers Exploit JavaScript Library to Deploy Crypto Wallet Drainers

Hackers exploit a critical React JavaScript vulnerability, CVE-2025-55182, to deploy crypto wallet drainers on legitimate websites ...

Hackers are exploiting a JavaScript library to plant crypto drainers

Hackers are exploiting a vulnerability in React to inject wallet-draining malware into cryptocurrency websites.
Cryptopolitan on MSN

Critical React flaw triggers a wave of crypto wallet drainers

SEAL Security researchers warned that a critical React flaw fueled a surge in wallet-draining attacks on crypto websites.

Shai Hulud malware turns developers into unwitting distributors in NPM supply chain attacks

Shai Hulud is a malware campaign first observed in September targeting the JavaScript ecosystem that focuses on supply chain ...

Malicious Firefox Extensions Hid Malware Inside Their Own Logos, Researchers Warn

Security researchers have uncovered a troubling new malware campaign that has been hiding malicious code inside the logo ...

Darktrace researchers discover devilishly deadly new BeaverTail malware variant linked to Lazarus Group

Darktrace threat researchers have identified and analyzed a new variant of BeaverTail, a malware family associated with North Korea’s Lazarus Group activity. BeaverTail is a JavaScript-based ...
Cybernews

React vulnerability hits crypto websites with drainers

As reported by Cybernews, the React vulnerability, which enables external attackers to run privileged, arbitrary code on ...